Cisco 3845 - Security Bundle Router Software Manual page 518
Software configuration guide
Hide thumbs
Also See for 3845 - Security Bundle Router:
- Manual (94 pages) ,
- Quick start manual (38 pages) ,
- Hardware installation manual (418 pages)
Table of Contents
Advertisement
Configuring QoS
Beginning in privileged EXEC mode, follow these steps to create an IP extended ACL for IP traffic:
Command
Step 1
configure terminal
Step 2
access-list access-list-number permit
protocol {source source-wildcard
destination destination-wildcard} [tos
tos] [dscp dscp] [time-range name]
Note
If you enter a dscp value, you
cannot enter tos.
or
ip access-list extended name
Step 3
end
Step 4
show access-lists
Step 5
copy running-config startup-config
To delete an access list, use the no access-list access-list-number global configuration command.
This example shows how to create an ACL that permits IP traffic from any source to any destination that
has the DSCP value set to 32:
Cisco ME 3800X and 3600X Switch Software Configuration Guide
27-30
Purpose
Enter global configuration mode.
Create an IP extended ACL. Repeat the step as many times as necessary.
•
For access-list-number, enter the access list number. The range is
100 to 199 and 2000 to 2699.
•
Always use the permit keyword for ACLs used as match criteria in
QoS policies. QoS policies do not match deny ACLs.
For protocol, enter the name or number of an IP protocol. Although
•
other protocols are visible in the command-line help, only these are
supported: IGMP, TCP, UPD, ICMP, IPINIP, and GRE. If you enter
other protocol types, the command is rejected.
The source is the number of the network or host sending the packet.
•
The source-wildcard applies wildcard bits to the source.
•
•
The destination is the network or host number receiving the packet.
•
The destination-wildcard applies wildcard bits to the destination.
You can specify source, destination, and wildcards as:
•
The 32-bit quantity in dotted-decimal format.
The keyword any for 0.0.0.0 255.255.255.255 (any host).
•
The keyword host for a single host 0.0.0.0.
•
Although other optional keywords are visible and can be configured, only
these are supported in QoS ACLs:
tos—Enter to match by type of service level, specified by a number
•
from 0 to 15 or a name: normal (0), max-reliability (2),
max-throughput (4), min-delay (8).
•
dscp—Enter to match packets with the DSCP value specified by a
number from 0 to 63, or use the question mark (?) to see a list of
available values.
•
time-range—Specify a configured time range for applying the
ACLs. You configure the time range using the time-range
time-range-name global configuration command.
Define an extended IPv4 access list using a name, and enter access-list
configuration mode. The name can be a number from 100 to 199.
In access-list configuration mode, enter permit protocol {source
source-wildcard destination destination-wildcard} [tos tos] [dscp dscp]
[time-range name] as defined in Step 2.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Chapter 27
Configuring QoS
OL-23400-01
- Quick Links:
- Vlan Features
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
